<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

New Gartner Report Identifies Cybersecurity Control Failure as #1 Executive Concern for 2021

down-arrow

With a variety of risks growing out of the pandemic, cybersecurity control failures was listed as the top executive concern during Q1 2021. According to the Gartner Emerging Risks Monitor Report, 67% of senior executives stated that the risk of cybersecurity control failure is their number one concern.

The Gartner poll consisted of 165 senior-level executives of different industries and regions, reflecting that these risks are prevalent concerns across the board. Second to cybersecurity risk, “the new working model” was cited as a top emerging risk. All top five concerns were internal risks, with remote talent management, organizational cultural degradation, and strategic corrections rounding out the list of pressing concerns according to executives. This is not to say that there is any shortage of external risks impacting operational activities, but the risk areas highlighted show just how much COVID-19 has impacted businesses and their future operations in a digital-first world.

For more information on Cyber and IT Risk Management post-COVID-19, download Gartner’s NEW Hype Cycle for Cyber & IT Risk Management report.

“Many organizations were forced to implement quick fixes to serious operational gaps as a result of their initial pandemic responses,” said Matt Shinkman, Vice President with the Gartner Risk and Audit Practice. “Nowhere has that been more apparent than in cybersecurity policies that have prioritized on-premises security over secure remote work access. Executives responsible for these areas are realizing that the time to enact more sustainable and robust policies is now.” 

With the pandemic and mandated lockdowns spurring a rapid switch to remote work setups, IT and security teams had to hastily retrofit their risk management strategies to accommodate remote work access and expand their VPN network for the whole enterprise. Integrated risk management has come into clear focus for organizations looking to reinvent risk management across all layers including technical to strategic. Loosely secured remote work environments have been the root cause of greater cybersecurity control concerns. 

According to the poll, most executives agree that as remote work setups become more of a permanent feature of work environments - security and IT teams need to improve on securing the network and remote access. In order to remediate certain risks, Gartner recommends implementing an identity-first security protocol and transferring endpoint protection services to the cloud. 

Following protracted vaccine rollout and reputational risks from citizen journalism compromised cybersecurity controls also ranked third in “risk velocity” in an alternative report metric that was measured. Gartner assessed risk velocity by evaluating executive polling data with data on the potential impact and growing speed of the risk. 

“Risk velocity can help executives see blind spots of emerging risks that might be moving towards an organization quickly, but aren’t appreciated yet by their peers,” said Mr. Shinkman. “However, in the case of cybersecurity risk, it’s good to see that the level of awareness among executives matches the severity of the risk facing their organizations.”

You may also like

Informing Cyber Risk Management ...
on May 18, 2023

Cybersecurity is no longer just an IT issue but a business risk that can impact an organization's reputation, financial health, and legal compliance. Cybersecurity risks are ...

Is Your Organization Prepared for ...
on May 3, 2023

Data storage, as well as maintenance tools and applications, have undergone many iterations in the past decade, with the introduction of cloud computing and Security Information ...

Strategies for Automating a Cyber ...
on May 8, 2023

Cybersecurity leaders and teams are overburdened by several growing trends and issues. And when your cybersecurity team is overworked and unequipped to manage cyber risk ...

Selecting the Right Cyber Risk ...
on April 13, 2023

Cyber risk quantification is the process of determining the likelihood and potential impact of a cyber attack or security breach. The probability and impact will vary based on ...

Leveraging Cyber Security ...
on May 26, 2023

A common misunderstanding with cyber risk management is that only the CISO and security practitioners should be concerned about cyber and information security. Instead, the state ...

Tips and Tricks to Transform Your ...
on April 12, 2023

Simply being “cyber aware” is an unviable option for board members as the impact of cybersecurity expands beyond IT systems. An unnoticed security gap or dated risk assessment are ...